Maltrail IOC for 2026-06-01

Medium
Published: Sun May 31 2026 (05/31/2026, 00:00:00 UTC)
Source: CIRCL OSINT Feed

Description

Maltrail IOC for 2026-06-01

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 06/01/2026, 10:33:28 UTC

Technical Analysis

The report details a Maltrail IOC for June 1, 2026, indicating observed malware-related network activity. The data originates from the CIRCL OSINT Feed and is classified as medium risk. No technical indicators or affected software versions are specified, and no exploits are known to be active. This is an observational threat intelligence entry without actionable patch or mitigation details.

Potential Impact

The impact is currently limited to the identification of suspicious or malicious network activity associated with malware. Without specific indicators or affected software, the direct impact on systems cannot be precisely determined. No active exploitation or vulnerabilities have been confirmed.

Mitigation Recommendations

No patch or official remediation is available for this IOC. As this is an observational intelligence report without specific actionable indicators, no direct mitigation steps can be recommended. Security teams should monitor relevant threat intelligence feeds for updates and apply standard network security practices as appropriate.


Technical Details

Uuid
e23472df-ca0e-42e3-a1d8-903fef202593
Original Timestamp
1780308051

Indicators of Compromise

Url


Domain


Ip


Threat ID: 6a1d5c6de29bf47b50d54f09

Added to database: 6/1/2026, 10:18:21 AM

Last enriched: 6/1/2026, 10:33:28 AM

Last updated: 6/1/2026, 4:15:08 PM
